Date:      Sat, 05 Nov 2011 13:01:23 +0200
From:      Mikolaj Golub <trociny@freebsd.org>
To:        Kostik Belousov <kostikbel@gmail.com>
Cc:        freebsd-hackers@freebsd.org, Robert Watson <rwatson@freebsd.org>
Subject:   Re: "ps -e" without procfs(5)
Message-ID:  <86r51msuik.fsf@kopusha.home.net>
In-Reply-To: <20111031094948.GB50300@deviant.kiev.zoral.com.ua> (Kostik Belousov's message of "Mon, 31 Oct 2011 11:49:48 +0200")
References:  <86y5wkeuw9.fsf@kopusha.home.net> <20111016171005.GB50300@deviant.kiev.zoral.com.ua> <86aa8qozyx.fsf@kopusha.home.net> <20111025082451.GO50300@deviant.kiev.zoral.com.ua> <86aa8k2im0.fsf@kopusha.home.net> <20111031094948.GB50300@deviant.kiev.zoral.com.ua>


On Mon, 31 Oct 2011 11:49:48 +0200 Kostik Belousov wrote:

 KB> I suspect this is my bug: Reading the GET_PS_STRINGS_CHUNK_SZ may validly
 KB> return EFAULT if the string is shorter than the chunk and aligned at
 KB> the end of the page, assuming the next page is not mapped. There should
 KB> be a fallback to fubyte() read loop. I remember that copyinstr() was
 KB> unsuitable.

Hm, I thought that this issue was only for reading arg and env strings (which
could be shorter than GET_PS_STRINGS_CHUNK_SZ), but investigating the cases
when EFAULT was returned in my tests (running buildworld and procstat in a loop)
I saw that it was also returned when reading other objects (like struct
ps_strings), and a fallback to a fubyte() read loop was successful in those
cases too.

So I updated the patch to do fallback for any type of read (although it does
not contain a good comment explaining why fubyte() read might succeed when
proc_rwmem() failed).

Also there were the cases when EFAULT was returned because arg vector
contained the NULL pointer. I observed this for sh processes. In
lib/libc/gen/setproctitle.c I found this comment:

                        oargc = ps_strings->ps_nargvstr;
                        oargv = ps_strings->ps_argvstr;
                        for (i = len = 0; i < oargc; i++) {
                                /*
                                 * The program may have scribbled into its
                                 * argv array, e.g., to remove some arguments.
                                 * If that has happened, break out before
                                 * trying to call strlen on a NULL pointer.
                                 */
                                if (oargv[i] == NULL) {
                                        oargc = i;
                                        break;
                                }

I have updated my patch to do the same.

Running buildworld test after these changes I have observed EFAULT only once,
for cc process, when argv contained a pointer to 0x40.

Also, for kern.proc.args sometimes errors like below are observed:

procstat: sysctl: kern.proc.args: 58002: 8: Exec format error

And for kern.proc.env:

procstat: sysctl: kern.proc.env: 81352: 16: Device busy

But I have not investigated these cases yet.

The updated version:

http://people.freebsd.org/~trociny/env.sys.2.patch

-- 
Mikolaj Golub
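An added example, not code from this thread or from the patch linked above: a userland C simulation of the two failure modes discussed in the message. The target address space is a constructed one-page image, mem_read() stands in for proc_rwmem() (all-or-nothing, EFAULT if any byte is unmapped), the byte loop stands in for fubyte(), and CHUNK_SZ, the offsets and the pointer table contents are constructed values. It shows why a chunked read of a short string that ends at the last byte of a mapped page faults while a byte-wise read succeeds, and why the argv walk has to stop at a NULL entry.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CHUNK_SZ 256      /* stands in for GET_PS_STRINGS_CHUNK_SZ (constructed) */
#define PAGE_SZ 4096
#define ARG_MAX_LEN 64

/* Simulated target address space: offsets [0, mapped_len) are readable,
 * everything beyond behaves like an unmapped page. */
struct target_mem {
    const unsigned char *base;
    size_t mapped_len;
};

/* Stand-in for proc_rwmem(): all-or-nothing copy, EFAULT if any byte is unmapped. */
static int mem_read(const struct target_mem *m, uint64_t addr, void *dst, size_t len)
{
    if (addr > m->mapped_len || len > m->mapped_len - addr)
        return EFAULT;
    memcpy(dst, m->base + addr, len);
    return 0;
}

/* Chunk-only read: a short string right before the unmapped page faults
 * even though every byte of the string itself is readable. */
static int read_string_chunked(const struct target_mem *m, uint64_t addr,
                               char *dst, size_t dstlen)
{
    size_t n = dstlen < CHUNK_SZ ? dstlen : CHUNK_SZ;
    int err = mem_read(m, addr, dst, n);
    if (err != 0)
        return err;
    return memchr(dst, '\0', n) != NULL ? 0 : ENAMETOOLONG;
}

/* Stand-in for a fubyte() loop: one byte at a time until NUL or fault. */
static int read_string_bytewise(const struct target_mem *m, uint64_t addr,
                                char *dst, size_t dstlen)
{
    for (size_t i = 0; i < dstlen; i++) {
        unsigned char c;
        int err = mem_read(m, addr + i, &c, 1);
        if (err != 0)
            return err;
        dst[i] = (char)c;
        if (c == '\0')
            return 0;
    }
    return ENAMETOOLONG;
}

/* Fast path first, byte-wise fallback when the chunk read faults. */
static int read_string(const struct target_mem *m, uint64_t addr,
                       char *dst, size_t dstlen)
{
    int err = read_string_chunked(m, addr, dst, dstlen);
    if (err == EFAULT)
        err = read_string_bytewise(m, addr, dst, dstlen);
    return err;
}

/* Walk a table of nargv 64-bit pointers at argv_addr, stopping at the first
 * NULL entry as lib/libc/gen/setproctitle.c does. Returns count or -errno. */
static int read_args(const struct target_mem *m, uint64_t argv_addr, uint64_t nargv,
                     char out[][ARG_MAX_LEN], size_t max_out)
{
    size_t count = 0;
    for (uint64_t i = 0; i < nargv && count < max_out; i++) {
        uint64_t p;
        int err = mem_read(m, argv_addr + i * sizeof(p), &p, sizeof(p));
        if (err != 0)
            return -err;
        if (p == 0)            /* program scribbled into its argv: stop here */
            break;
        err = read_string(m, p, out[count], ARG_MAX_LEN);
        if (err != 0)
            return -err;
        count++;
    }
    return (int)count;
}

/* Constructed one-page image: pointer table at offset 0, "cc" in the last three
 * bytes of the page (a 256-byte chunk read crosses into the unmapped page),
 * "-O2" at offset 256, a NULL in slot 2, junk in slot 3 that must not be read. */
#define ARGV_OFF 0
#define NARGV 4
static unsigned char image[PAGE_SZ];

static struct target_mem build_image(void)
{
    uint64_t ptrs[NARGV] = { PAGE_SZ - 3, 256, 0, 512 };
    memset(image, 0, sizeof(image));
    memcpy(image + ARGV_OFF, ptrs, sizeof(ptrs));
    memcpy(image + 256, "-O2", 4);
    memcpy(image + 512, "junk", 5);
    memcpy(image + PAGE_SZ - 3, "cc", 3);
    struct target_mem m = { image, sizeof(image) };
    return m;
}

int main(void)
{
    struct target_mem m = build_image();
    char buf[ARG_MAX_LEN], args[NARGV][ARG_MAX_LEN];
    printf("chunked read of argv[0]: %s\n",
           read_string_chunked(&m, PAGE_SZ - 3, buf, sizeof(buf)) == EFAULT ? "EFAULT" : "ok");
    printf("with fallback: %s -> \"%s\"\n",
           read_string(&m, PAGE_SZ - 3, buf, sizeof(buf)) == 0 ? "ok" : "error", buf);
    int n = read_args(&m, ARGV_OFF, NARGV, args, NARGV);
    for (int i = 0; i < n; i++)
        printf("argv[%d] = \"%s\"\n", i, args[i]);
    return 0;
}
```

The chunk read of argv[0] fails only because the 64-byte request runs past the page end, not because the string is unreadable; the byte loop stops at the NUL inside the page and returns "cc". The walk then returns two entries and never dereferences the "junk" pointer behind the NULL slot.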



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86r51msuik.fsf>